Analytical System

Passive DNS for threat intelligence

What is it?

The scale of cyberattacks steadily grows and often goes undetected. Cybercriminals use the internet infrastructure to attack and hide behind anonymity to carry out their crimes. How are we to respond to increasing cyberattacks and cybercrime? It is a fundamental question.

Security analysts need a real time unique intelligence about related domains, IP addresses and queries to thoroughly study, analyze the information and quickly remediate threats before they cause substantial harm.

Studying passive DNS data allows researchers to track which domain names are hosted by particular name servers and which domain names point to which IP networks, identify anomalies and detect changes in DNS resolving on interested domains.